package com.cskaoyan.controller.admin;

import com.cskaoyan.bean.BaseRespVo;
import com.cskaoyan.bean.admin.Admin;
import com.cskaoyan.bean.admin.DataBean;
import com.cskaoyan.bean.admin.InfoBean;
import com.cskaoyan.service.admin.AuthService;
import com.cskaoyan.shiro.MallToken;
import com.cskaoyan.utils.ValidationUtil;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.validation.BindingResult;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import java.util.*;

/**
 * 类<code>Doc</code>用于：TODO
 *
 * @author Acher
 * @version 1.0
 * @date 2021-10-18
 */
@RequestMapping("admin/auth")
@RestController
public class AuthController {

    @Autowired
    AuthService authService;

    @RequestMapping("info")
    // http://localhost:8083/admin/auth/info?token=5e6739ae-0b9a-479e-9376-5fc8a6333aee
    public BaseRespVo info() {
        //查询用户信息
        Admin principal = (Admin) SecurityUtils
                .getSubject()
                .getPrincipals()
                .getPrimaryPrincipal();
        InfoBean infoBean = new InfoBean();
        infoBean.setAvatar(principal.getAvatar());
        infoBean.setName(principal.getUsername());
        // 根据roleIds查role表获取name
        // 根据roleIds查permission表获取permission
        // 根据permission查system_permission表获取api
        authService.query(infoBean, principal.getRoleIds());
        return BaseRespVo.ok(infoBean);
    }

    @PostMapping("logout")
    // http://localhost:8083/admin/auth/logout
    public BaseRespVo logout() {
        // 执行登出业务并响应结果，登出业务先略
        return BaseRespVo.ok();
    }

    @PostMapping("login")
    // http://localhost:8083/admin/auth/login
    public BaseRespVo login(@RequestBody @Validated Admin admin, BindingResult bindingResult) {
        String username = admin.getUsername();
        String password = admin.getPassword();
        // 执行登录业务，并且响应结果
        Subject subject = SecurityUtils.getSubject();
        MallToken mallToken = new MallToken(username, password, "custom");
        subject.login(mallToken);
        // subject.login -> Authenticator执行认证 -> realm的doGetAuthenticatorInfo
        // 可以获得认证状态
        // boolean authenticated = subject.isAuthenticated();
        // 获得用户信息 → realm里的doGetAuthenInfo中的构造的Principal信息
        Admin principal = (Admin) subject.getPrincipals().getPrimaryPrincipal();
        DataBean dataBean = new DataBean();
        DataBean.AdminInfoBean adminInfo = new DataBean.AdminInfoBean();
        adminInfo.setAvatar(principal.getAvatar());
        adminInfo.setNickName(principal.getUsername());
        dataBean.setAdminInfo(adminInfo);
        // token是sessionId
        dataBean.setToken(((String) subject.getSession().getId()));
        return BaseRespVo.ok(dataBean);
    }
}
